[VIM] StaticStore vendor ACK of XSS issue (CVE-2005-4284)
Steven M. Christey
coley at linus.mitre.org
Thu Dec 22 20:14:17 EST 2005
I haven't followed up on the variation yet (bad me...) so presumably they
still have it :(
On Thu, 22 Dec 2005, security curmudgeon wrote:
> : After a bit of confusion, the vendor has now acknowledged the
> : search.cgi XSS issue:
> : The vulnerability has been corrected... thank you for bringing
> : that to our attention and the patched "search.cgi" has been emailed
> : to all customers and posted for download on our private forums.
> Does this include the variation (possible seperate script) that Matthew
> reported here? Or did they not distinguish?
More information about the VIM